Home Technology Kaspersky launches online Incident Response training course

Kaspersky launches online Incident Response training course


14 June 2022
According to the recent Kaspersky survey conducted among senior non-IT
management and business owners, 73% of firms can’t handle a ransomware attack
alone or with the help of regular IT service providers. To offer in-house cybersecurity
teams and InfoSec professionals an opportunity to expand their analytical skills in the
incident response domain, Kaspersky has designed a new Windows Incident Response
training course.
Over recent years the lack of skilled technical staff who can detect and respond to complex
incidents, along with a lack of visibility across infrastructure and consistent management, have
been the biggest challenges for businesses in dealing with complicated cyber threats.
The recent global study by Kaspersky titled “How do business executives perceive
ransomware threat?” 1 confirms that most firms (73%) will have to seek the help of external
incident response providers’ in the event of a ransomware attack. This is despite the fact that
73% of respondents from APAC consider there to be a high possibility of these attacks on their
It is also likely that companies who have never experienced a ransomware attack overestimate
the skills of their regular security providers and in-house IT teams. The statistics show that
organizations that have previously been exposed to such threats rely less on their existing

1 The research was conducted with 900 respondents across North America, South America, Africa,
Russia, Europe and Asia-Pacific in April 2022 among companies with up to 1000 employees. several attacksWas attacked onceHad no ransomware attacks

For companies looking to improve the expertise of their in-house digital forensics and incident
response teams, as well as for IT security practitioners looking to upgrade relevant skills,
Kaspersky has expanded its online expert training portfolio. The Windows Incident
Response training was developed by experts from the company’s Global Emergency
Response Team (GERT) with more than 12 years’ experience in the field.
During the course, which is heavily focused on practical skills, Ayman Shaaban, Digital
Forensics and Incident Response Manager and Kai Schuricht, Senior Incident Response
Specialist, will take students through incident detection using the example of a real-life REvil
ransomware case.
By the end of the course IT security practitioners will know how to identify and respond to a
cyberincident and will be able to differentiate APTs from other threats, as well as studying
various attack techniques and a targeted attack anatomy through the Cyber Kill Chain.
Participants will master evidence acquisition, all phases of incident detection, log file analysis,
network analysis and the creation of IoCs, and also get introduced to memory forensics.
Students will be granted access to a simulated virtual working environment with all the
necessary tools, including ELK stack, PowerShell, Suricata, YARA, and more, to practice IR
Sandra Lee, Managing Director of Asia Pacific, Kaspersky said “Cyberattacks are one of the
most pressing concerns, and Kaspersky understands the need of providing frequent training to
its stakeholders and constituent organizations in order to better prepare them to identify and
respond to cyberattacks, including ransomware. An interactive real-life REvil ransomware
scenario that replicates a cyber-assault will assist participants in better understanding the
intricacies of incident identification while developing knowledge and expertise in cyber security
against cyberattacks and collaborating efficiently.”

See also  Apple iPhone Users on iOS 14 Report Problems With Receiving Texts, WhatsApp Notifications

“Incident Response capabilities require specialized skills to verify and handle threats in a
timely manner, as well as to minimize the damage from an incident. Since no one is immune to
a cyberattack, and it becomes increasingly more difficult to prevent a security perimeter
penetration, remediation and the knowledge and experience of how to respond are more in
demand than ever before.” adds Kai Schuricht, Senior Incident Response Specialist at
“Responding to complex incidents and uncovering attack steps is a huge challenge for InfoSec
experts. Within this new course we’ve concentrated GERT knowledge gained from handling
security incidents for Kaspersky customers around the globe. Our aim was not only to provide
extensive theory around the subject, but to also provide real applied skills through end-to-end
ransomware case investigation.” comments Ayman Shaaban, Digital Forensic and Incident
Response Manager at Kaspersky.
The self-guided training course includes 40 video lessons and 100 hours of virtual lab time for
hands-on learning. The estimated training duration is 15 hours, but participants will have six
months of access to the platform to finish the training.